
ABACUSNEXT WHITE PAPER

The word ransomware has been popping up in the news with increasing frequency these days. That’s because this type of cybercrime is growing in both frequency and size, with 2017 predicted to be the worst year to date.

WHY ACCOUNTING FIRMS ARE A PRIME TARGET FOR RANSOMWARE HACKS: Learning from Netflix, WannaCry, and Ashley Madison


Over the past decade, several big-name companies have been in the news for major cybersecurity breaches and ransomware attacks—Target, Ashley Madison, Netflix, Yahoo, LinkedIn, etc. However, it isn’t just major corporations that need to take precautions. Smaller companies, especially accounting firms, are prime targets for ransomware attacks. Here’s what your accounting firm needs to know.

How Does Ransomware Work?

What is ransomware, and how does it work? Ransomware is a specific kind of malware that infects a device (e.g., a computer, smartphone, or server) and gives hackers access to all the files on that device. The ways that hackers get ransomware onto devices are constantly changing, which is part of what makes these attacks so dangerous. Sometimes victims click on a dubious link in an email that activates the ransomware, or victims unknowingly download a file containing ransomware. Other times, the hackers gain access to a device through a back door without the victim needing to do anything at all.

Once a device is infected, the ransomware is deployed, and hackers are able to encrypt or steal files. They hold those files hostage, or threaten to release the stolen information, unless the victim meets a demand. Frequently, hackers demand payment (usually in Bitcoin or some other untraceable currency). Other times, hackers ask the victim to comply with a directive.

Ransomware attacks are often able to net millions of dollars before they are shut down. And every time a ransomware attack is stopped, the hackers immediately begin searching for new vulnerabilities, weak links, and loopholes to exploit. So it’s an endless cycle.

The Specific Vulnerabilities of Accounting Firms

Increasingly, ransomware attacks are targeting businesses. Hackers who are looking to make money with ransomware may believe businesses have deeper pockets, and therefore may be more willing to pay up. But make no mistake; it isn’t just major corporations that are being targeted. All kinds of companies are falling victim to ransomware attacks, and there are several reasons why accounting firms are prime targets:

1. Sensitive Data: Accounting firms frequently work with highly sensitive client information: social security numbers, banking information, tax documents, passwords. This kind of information is lucrative for cybercriminals who can sell it on the dark web for top dollar. However, hackers don’t necessarily have to find a buyer on the dark web to make money. Thanks to ransomware, all they have to do is hold your firm’s information hostage, or threaten to sell it, until they get some form of payment.

2. Numerous Access Points: Unlike some other businesses, almost every employee in an accounting firm needs direct access to clients’ sensitive information and files. That means employees at all levels—from partners to clerical staff—could be targets for ransomware attacks. (Just think about how many entry points hackers might have into your firm’s system.) All it takes is one breached account, one downloaded file, or one click to paralyze your entire company.

3. An Inundation of New Technology: The world of accounting technology is exploding. The industry has been flooded with new accounting apps and products at an astonishing rate. At the same time, firms are rapidly adopting cloud-based systems and technology. This pace of innovation is great for the industry, but it’s also great for cybercriminals. Every new product and new integration provides a new opportunity for hackers. And many accounting firms are adopting new technology without the proper security in place.

Despite the risks, there are several steps that accounting firms can take to protect themselves. In the next section, we look at three major ransomware attacks—Netflix, WannaCry, and Ashley Madison—and determine what accounting firms can learn from each attack.

www.abacusnext.com 888.994.8615 [email protected]

Case Study 1: “The Netflix Hack”

What Happened?

You may have heard about the Netflix hack back in April of 2017. Hackers were able to access all the episodes for an unreleased season of “Orange Is the New Black.” When Netflix failed to meet the hackers’ demands, the hackers posted the entire season online. The hackers also claimed to have material from several other television networks in addition to Netflix. However, other networks have not corroborated that claim.

After the Netflix ransomware attack, investigators found that a third-party vendor, a small production company, was the weak link that allowed hackers to access the Netflix files. Because the production company had access to all the Netflix files, and also had weaker security, hackers were able to steal the files without breaching Netflix itself. Security experts had long warned that this third-party vendor put the larger companies at risk, yet the companies had not put the proper security protocols in place in response.

What Can We Learn?

Even if your firm has stringent security measures in place, a third-party vendor may be your Achilles heel. It is important for accounting firms to have security solutions that look at the firm’s entire web of programs, apps, vendors, etc. If a firm does not secure every point of integration, and every data sync, third-party vendors could pose a risk.

As an accounting firm grows, it naturally builds partnerships with outside companies and vendors to handle different aspects of the accounting process. However, outsourcing is only a good long-term investment if your firm has also invested in a robust security system to protect your data from end to end.

Case Study 2: “The Ashley Madison Data Leak”

What Happened?

Avid Life Media saw an enormous security breach in 2015 when their infamous infidelity website, Ashley Madison, was the subject of a ransomware attack. A group of hackers calling themselves “The Impact Team” took issue with Avid Life Media’s business practices and mission.

The hackers deployed ransomware that was able to collect personal information from the site’s 32 million members (including users’ personal information, account preferences, and credit card numbers). The hackers then threatened to release all the sensitive information unless the company shut down Ashley Madison and its partner website.

The saga did not end well for Avid Life Media. They refused to comply with the hackers’ demands, and as a result, the hackers posted all the stolen information online in a searchable, public database.

After the hack, investigators determined that the hackers were able to access users’ data despite the fact that the company used rather sophisticated data-encryption techniques. Another surprise: the hackers were able to release information that Avid Life Media claimed had been permanently deleted. In fact, the company had even charged users a fee to supposedly delete this data.

What Can We Learn?

While it’s unlikely that accounting firms will be the victims of moral hacks by vigilante groups, they still need to recognize that they are working with highly sensitive client data—data that, in the wrong hands, could be damaging. Imagine the potential fallout from a leaked tax return document or financial report. Accounting firms simply cannot afford the risk.

Second, remember that deleting data from a single device does not mean it cannot be retrieved later. Oftentimes, a copy of that deleted information is stored somewhere. So even if you think something is gone, it has probably left a digital footprint somewhere. The right IT security company can tell you where that data lives and who can still see it.


Case Study 3: “The WannaCry Ransomware Attack”

What Happened?

Last month, the ransomware known as WannaCry crippled businesses in several countries. WannaCry froze users’ computers, encrypted their files, and demanded payment before returning the files. In many cases, victims paid the hackers because the amount they demanded was relatively small. Before this ransomware attack was stopped, it had already affected hospitals, transportation systems, and even FedEx.

Investigators determined that the WannaCry attack functioned a lot like a phishing scam—users clicked on links or opened emails that looked legitimate. This gave hackers access to all the computer’s files. Investigators also discovered that WannaCry exploited a vulnerability in Microsoft operating systems that had been discovered by the NSA and leaked to the public. Prior to the start of the attack, Microsoft had already sent out an update to fix the problem. However, many victims were running outdated versions of Microsoft, or had not downloaded the update.

What Can We Learn?

This hack shows that ransomware attacks are indeed targeting businesses. Firms cannot assume their size, location, client base, or any other company attribute makes them immune to cybercrime. The only thing that will protect a company is comprehensive, strategic IT security.

This ransomware attack also illuminates the importance of training your staff on cybersecurity, especially those who work with sensitive client data. Firms should also have a system in place to notify staff immediately if security concerns arise. However, the best solution is to have a team of IT security professionals who are monitoring your firm’s system and dealing with issues before they reach your staff. Doesn’t your staff have enough to worry about already?

Finally, WannaCry is a reminder that firms need to keep their IT up-to-date. Some companies don’t invest in system upgrades or IT security measures because it saves money in the short term. However, that decision opens the company up to immeasurable risk.


Abacus Private Cloud is a trademark of Abacus Data Systems, Inc. Other products or services may be trademarks or registered trademarks of their respective companies. © 2017 Abacus Data Systems, Inc. All rights reserved. 062117_CC

Protect Your Data

Unlike public cloud or SaaS products (which are hosted online and store your data on third-party servers), Abacus’s Private Cloud creates a private server for your firm that is not shared with any other company. This allows you to retain control of your data, and ensures your firm can comply with industry security regulations.

The Abacus Private Cloud is also SOC2-compliant and uses a multi-tiered approach with five layers of security (physical, network, and data) to provide a robust and safe environment for all your firm’s data. Other protections include 256-bit AES data encryption, and a Digitus Biometric locking system and 24/7 monitoring at our server sites. Furthermore, Abacus also uses redundant data centers to ensure your data is never lost or wiped out.

Reduce In-House IT Costs

Partnering with Abacus can remove internal IT burdens by transferring the management of your security to the Abacus team. Abacus Private Cloud frees your team from having to deal with tedious and confusing IT tasks, allowing you to focus all your energy on your clients. Private Cloud can also have enormous financial benefits. Abacus customers save an average of $3,966 annually when they move to the Private Cloud.

Best of all, Abacus easily scales up or down so you can get the IT support that matches the size of your business. If your business grows, your IT security can grow with you. Learn more about Abacus Private Cloud on our website, www.abacusnext.com.

Unlock the Power of the Cloud Without Compromising Security

Want to leverage cloud-based technology while maintaining the highest security standards? Now you can. Abacus Private Cloud moves all your firm’s programs, applications, data, and files into a secure, virtual workspace.

That virtual workspace can then be accessed by your employees—anywhere, anytime, and from any device. That means your data is safe, whether your employees are sending emails from home or logging onto QuickBooks from a mobile phone. The Private Cloud also allows employees to safely use their personal devices for company business, giving everyone more flexibility without compromising security.


Protect Your Firm With AbacusNext

These three case studies are just the tip of the iceberg. Luckily, there are IT security solutions that move the burden of security off of your internal team and into the hands of cybersecurity experts. Investing in a robust IT security system means your firm won’t need to understand all the ins-and-outs of ransomware attacks and other cyber-threats. Instead, you can rely on industry experts to keep your firm secure.